UbuntuUpdates.org

Package "libfreerdp-plugins-standard"

Name: libfreerdp-plugins-standard

Description:

RDP client for Windows Terminal Services (plugins)

Latest version: 1.1.0~git20140921.1.440916e+dfsg1-5ubuntu1.4
Release: xenial (16.04)
Level: security
Repository: main
Head package: freerdp
Homepage: http://www.freerdp.com/

Links


Download "libfreerdp-plugins-standard"


Other versions of "libfreerdp-plugins-standard" in Xenial

Repository Area Version
base main 1.1.0~git20140921.1.440916e+dfsg1-5ubuntu1
updates main 1.1.0~git20140921.1.440916e+dfsg1-5ubuntu1.4

Changelog

Version: 1.1.0~git20140921.1.440916e+dfsg1-5ubuntu1.4 2020-06-04 14:06:39 UTC

  freerdp (1.1.0~git20140921.1.440916e+dfsg1-5ubuntu1.4) xenial-security; urgency=medium

  * SECURITY UPDATE: Multiple security issues
    - debian/patches/CVE-2020-*.patch: backported commits to fix a
      multitude of security issues.
    - CVE-2020-11042, CVE-2020-11045, CVE-2020-11046, CVE-2020-11048,
      CVE-2020-11049, CVE-2020-11058, CVE-2020-11521, CVE-2020-11522,
      CVE-2020-11523, CVE-2020-11525, CVE-2020-11526, CVE-2020-13396,
      CVE-2020-13397, CVE-2020-13398

 -- Marc Deslauriers <email address hidden> Wed, 03 Jun 2020 09:03:25 -0400

Source diff to previous version
CVE-2020-11042 In FreeRDP greater than 1.1 and before 2.0.0, there is an out-of-bounds read in update_read_icon_info. It allows reading a attacker-defined amount of
CVE-2020-11045 In FreeRDP after 1.0 and before 2.0.0, there is an out-of-bound read in in update_read_bitmap_data that allows client memory to be read to an image b
CVE-2020-11046 In FreeRDP after 1.0 and before 2.0.0, there is a stream out-of-bounds seek in update_read_synchronize that could lead to a later out-of-bounds read.
CVE-2020-11048 In FreeRDP after 1.0 and before 2.0.0, there is an out-of-bounds read. It only allows to abort a session. No data extraction is possible. This has be
CVE-2020-11049 In FreeRDP after 1.1 and before 2.0.0, there is an out-of-bound read of client memory that is then passed on to the protocol parser. This has been pa
CVE-2020-11058 In FreeRDP after 1.1 and before 2.0.0, a stream out-of-bounds seek in rdp_read_font_capability_set could lead to a later out-of-bounds read. As a res
CVE-2020-11521 libfreerdp/codec/planar.c in FreeRDP version > 1.0 through 2.0.0-rc4 has an Out-of-bounds Write.
CVE-2020-11522 libfreerdp/gdi/gdi.c in FreeRDP > 1.0 through 2.0.0-rc4 has an Out-of-bounds Read.
CVE-2020-11523 libfreerdp/gdi/region.c in FreeRDP versions > 1.0 through 2.0.0-rc4 has an Integer Overflow.
CVE-2020-11525 libfreerdp/cache/bitmap.c in FreeRDP versions > 1.0 through 2.0.0-rc4 has an Out of bounds read.
CVE-2020-11526 libfreerdp/core/update.c in FreeRDP versions > 1.1 through 2.0.0-rc4 has an Out-of-bounds Read.
CVE-2020-13396 An issue was discovered in FreeRDP before 2.1.1. An out-of-bounds (OOB) read vulnerability has been detected in ntlm_read_ChallengeMessage in winpr/l
CVE-2020-13397 An issue was discovered in FreeRDP before 2.1.1. An out-of-bounds (OOB) read vulnerability has been detected in security_fips_decrypt in libfreerdp/c
CVE-2020-13398 An issue was discovered in FreeRDP before 2.1.1. An out-of-bounds (OOB) write vulnerability has been detected in crypto_rsa_common in libfreerdp/cryp

Version: 1.1.0~git20140921.1.440916e+dfsg1-5ubuntu1.3 2018-12-12 12:07:08 UTC

  freerdp (1.1.0~git20140921.1.440916e+dfsg1-5ubuntu1.3) xenial-security; urgency=medium

  * SECURITY UPDATE: Integer truncation in update_read_bitmap_update
    - debian/patches/CVE-2018-8786.patch: Promote count to 32-bit integer
      type to avoid integer truncation in libfreerdp/core/update.c. Based on
      upstream patch.
    - CVE-2018-8786
  * SECURITY UPDATE: Integer overflow in gdi_Bitmap_Decompress
    - debian/patches/CVE-2018-8787.patch: Check for and avoid possible
      integer overflow in libfreerdp/gdi/graphics.c. Based on upstream
      patch.
    - CVE-2018-8787
  * SECURITY UPDATE: Buffer overflow in nsc_rle_decode
    - debian/patches/CVE-2018-8788.patch: Check for lengths and avoid
      possible buffer overflow in libfreerdp/codec/nsc.c and
      libfreerdp/codec/nsc_encode.c. Based on upstream patch.
    - CVE-2018-8788
  * SECURITY UPDATE: Out-of-bounds read in ntlm_read_message_fields_buffer
    - debian/patches/CVE-2018-8789.patch: Ensure to use 64-bit integer
      type when checking offset against stream length in
      winpr/libwinpr/sspi/NTLM/ntlm_message.c. Based on upstream patch.
    - CVE-2018-8789

 -- Alex Murray <email address hidden> Tue, 11 Dec 2018 16:35:47 +1030

Source diff to previous version
CVE-2018-8786 FreeRDP prior to version 2.0.0-rc4 contains an Integer Truncation that leads to a Heap-Based Buffer Overflow in function update_read_bitmap_update()
CVE-2018-8787 FreeRDP prior to version 2.0.0-rc4 contains an Integer Overflow that leads to a Heap-Based Buffer Overflow in function gdi_Bitmap_Decompress() and re
CVE-2018-8788 FreeRDP prior to version 2.0.0-rc4 contains an Out-Of-Bounds Write of up to 4 bytes in function nsc_rle_decode() that results in a memory corruption
CVE-2018-8789 FreeRDP prior to version 2.0.0-rc4 contains several Out-Of-Bounds Reads in the NTLM Authentication module that results in a Denial of Service (segfau

Version: 1.1.0~git20140921.1.440916e+dfsg1-5ubuntu1.2 2017-08-07 18:06:55 UTC

  freerdp (1.1.0~git20140921.1.440916e+dfsg1-5ubuntu1.2) xenial-security; urgency=medium

  * SECURITY UPDATE: integer overflow in license_read_scope_list
    - debian/patches/CVE-2014-0791.patch: check length in
      libfreerdp/core/license.c.
    - CVE-2014-0791
  * SECURITY UPDATE: multiple code execution and DoS issues
    - debian/patches/CVE-2017-283x.patch: fix issues in
      libfreerdp/core/capabilities.c, libfreerdp/core/certificate.*,
      libfreerdp/core/connection.c, libfreerdp/core/gcc.c,
      libfreerdp/core/info.c, libfreerdp/core/license.c,
      libfreerdp/core/mcs.c, libfreerdp/core/nego.c,
      libfreerdp/core/peer.c, libfreerdp/core/rdp.*,
      libfreerdp/core/security.*, libfreerdp/core/surface.c,
      libfreerdp/core/tpkt.*, libfreerdp/core/transport.c.
    - CVE-2017-2834, CVE-2017-2835, CVE-2017-2836, CVE-2017-2837,
      CVE-2017-2838, CVE-2017-2839
  * debian/patches/alignment_test_failure.patch: fix FTBFS on armhf because
    of failing alignment test.

 -- Marc Deslauriers <email address hidden> Thu, 03 Aug 2017 11:09:58 -0400

CVE-2014-0791 Integer overflow in the license_read_scope_list function in libfreerdp/core/license.c in FreeRDP through 1.0.2 allows remote RDP servers to cause a d
CVE-2017-2834 Out-of-bounds write in license_recv()
CVE-2017-2835 Out-of-bounds write in rdp_recv_tpkt_pdu
CVE-2017-2836 Rdp Client Read Server Proprietary Certificate Denial of Service
CVE-2017-2837 Rdp Client GCC Read Server Security Data Denial of Service
CVE-2017-2838 Rdp Client License Read Product Info Denial of Service
CVE-2017-2839 Rdp Client License Read Challenge Packet Denial of Service



About   -   Send Feedback to @ubuntu_updates